Back to CVE List

CVE-2025-15667

LOW SEVERITY

CVSS Score & Metrics

Base Score
3.3 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Vulnerability Description

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gf_isom_nalu_sample_rewrite of the file src/isomedia/avc_ext.c of the component MP4Box. This manipulation of the argument nalu_out_bs causes double free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: f29f955f2a3b5e8e507caad3e52319f961bf37bf. To fix this issue, it is recommended to deploy a patch.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-119
Source
NVD
Product
GPAC

External References

Discussion (0)

Add Comment

No comments yet. Be the first!